Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/8BZB6Ps0ZqWdnTmdl_WHkzOCe48.roa
File: 8BZB6Ps0ZqWdnTmdl_WHkzOCe48.roa (raw, json)
Hash identifier: xw8eVnJ287NU02IndeYbQUemkIMvRlCV+TbfStlERao=
Subject key identifier: F0:16:41:E8:FB:34:66:A5:9D:9D:39:9D:97:F5:87:93:33:82:7B:8F
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01942748A16E8C46EB6191FED9471497A48C
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/8BZB6Ps0ZqWdnTmdl_WHkzOCe48.roa
Signing time: Thu 02 Jan 2025 13:50:58 +0000
ROA not before: Thu 02 Jan 2025 13:50:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 45.152.162.0/23 maxlen: 23
45.152.162.0/24 maxlen: 24
45.152.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 Jan 2025 09:45:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:a1:6e:8c:46:eb:61:91:fe:d9:47:14:97:a4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 13:50:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f01641e8fb3466a59d9d399d97f5879333827b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:44:14:26:70:3b:b8:33:f3:16:2b:ad:d3:3a:
36:d9:dd:79:f2:9f:99:80:2d:9a:03:9c:5c:35:e5:
4f:e7:2b:ca:8d:c4:6c:c0:2d:e8:45:e2:10:d3:34:
e8:03:7c:bb:ab:45:7b:c9:6e:74:0e:bb:d8:73:83:
4a:84:75:1b:ce:1f:25:1e:4b:92:b0:a1:a5:c2:23:
1f:89:66:1d:4f:e7:9c:a5:d6:bf:ea:95:74:cf:b3:
2a:00:53:34:f3:e8:af:27:d6:ca:2f:d9:1e:88:dd:
dc:37:b2:05:0f:f7:31:a5:17:ef:46:4a:e5:4f:e4:
55:3f:3c:33:0c:d7:46:83:d3:32:15:53:2b:ff:51:
c8:0a:34:ab:5d:11:54:69:2b:68:45:95:85:19:d9:
64:23:3f:9d:45:38:a5:a8:da:fc:c0:da:10:d1:0c:
a0:7c:5a:96:cb:38:f0:9d:9e:61:c4:0d:4a:fe:ba:
e7:16:88:f0:3e:d7:08:a7:16:4d:1d:14:c7:81:4d:
fb:ed:9d:aa:06:d2:ac:a3:e3:09:08:d1:0e:67:ba:
62:7c:9c:dd:69:f2:a0:46:39:57:59:96:ac:8d:48:
e2:c2:25:ff:e4:39:ee:a7:85:ae:24:6b:b1:79:3f:
f7:a4:f9:22:26:c1:8f:5c:7b:25:a3:76:dc:e5:59:
60:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:16:41:E8:FB:34:66:A5:9D:9D:39:9D:97:F5:87:93:33:82:7B:8F
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/8BZB6Ps0ZqWdnTmdl_WHkzOCe48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.162.0/23
Signature Algorithm: sha256WithRSAEncryption
39:f9:52:6d:c7:27:8f:da:84:1d:8f:df:3b:fb:a5:70:71:98:
e5:66:7b:99:2f:b1:a5:33:e6:73:79:7e:31:bf:6b:25:43:16:
b8:a8:cf:94:51:17:81:3b:22:87:22:f3:b7:dc:3f:65:c9:95:
60:59:ef:35:58:b2:91:d2:d4:6d:dc:44:6b:33:3d:8b:48:f7:
0e:ae:a3:8d:64:5f:7b:00:78:30:c6:50:1e:e7:a3:e7:9b:80:
f4:fd:fa:98:42:e5:86:b5:dd:b5:2e:7a:9c:47:77:31:db:1d:
a1:66:af:66:79:cf:0e:7b:76:9c:70:4b:6d:57:bf:3c:90:83:
aa:e0:ed:94:1f:29:8a:c2:e1:4f:f7:ee:c3:7e:ae:e6:c4:3c:
1d:12:e0:ae:38:4c:c6:95:fa:30:3d:08:63:12:b8:c8:5d:15:
a3:50:33:16:2a:a2:4e:23:01:3d:91:34:fa:87:23:66:61:90:
bc:51:e1:9f:55:43:2e:7e:b3:f2:a8:42:51:09:7f:b2:7c:cc:
fd:85:00:1c:09:04:34:de:26:96:b1:06:ad:cd:75:35:ae:9e:
ac:a1:06:cc:26:60:08:62:34:a8:f0:ab:69:8f:51:19:79:4b:
b7:23:12:f7:3d:73:60:2e:5b:ef:0d:6d:d8:f1:1c:ef:d0:04:
e8:0c:9a:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSKFujEbrYZH+2UcUl6SMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTAyMTM1MDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDE2NDFlOGZiMzQ2NmE1OWQ5ZDM5OWQ5N2Y1ODc5MzMzODI3YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUQUJnA7uDPzFiut0zo22d158p+Z
gC2aA5xcNeVP5yvKjcRswC3oReIQ0zToA3y7q0V7yW50DrvYc4NKhHUbzh8lHkuS
sKGlwiMfiWYdT+ecpda/6pV0z7MqAFM08+ivJ9bKL9keiN3cN7IFD/cxpRfvRkrl
T+RVPzwzDNdGg9MyFVMr/1HICjSrXRFUaStoRZWFGdlkIz+dRTilqNr8wNoQ0Qyg
fFqWyzjwnZ5hxA1K/rrnFojwPtcIpxZNHRTHgU377Z2qBtKso+MJCNEOZ7pifJzd
afKgRjlXWZasjUjiwiX/5Dnup4WuJGuxeT/3pPkiJsGPXHslo3bc5VlgCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPAWQej7NGalnZ05nZf1h5MzgnuPMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvOEJaQjZQczBacVdkblRtZGxfV0hrek9DZTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZiiMA0G
CSqGSIb3DQEBCwUAA4IBAQA5+VJtxyeP2oQdj987+6VwcZjlZnuZL7GlM+ZzeX4x
v2slQxa4qM+UUReBOyKHIvO33D9lyZVgWe81WLKR0tRt3ERrMz2LSPcOrqONZF97
AHgwxlAe56Pnm4D0/fqYQuWGtd21LnqcR3cx2x2hZq9mec8Oe3accEttV788kIOq
4O2UHymKwuFP9+7Dfq7mxDwdEuCuOEzGlfowPQhjErjIXRWjUDMWKqJOIwE9kTT6
hyNmYZC8UeGfVUMufrPyqEJRCX+yfMz9hQAcCQQ03iaWsQatzXU1rp6soQbMJmAI
YjSo8Ktpj1EZeUu3IxL3PXNgLlvvDW3Y8Rzv0AToDJoX
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:13:49 2025 by rpki-client